Is it possible to create a new user in sonar without using the web interface?
I need to write a script that inserts the same users for some tools, including sonar.
There are three ways you can do this:
Write directly to the database (there is a simple table called users).
Use the LDAP plugin, if you specify sonar.authenticator.createUsers: true in sonar.properties, it will create the users in the sonar database automatically the first time they authenticate.
Write a java application that depends on the sonar plugin API, you can then use constructor injection to get a Sonar hibernate session and persist the user you want. See Here.
Since SonarQube version 3.6, there is support for user management in webservice API:
https://sonarqube.com/web_api/api/users
http://docs.sonarqube.org/display/DEV/Web+API
The web service API does not seem to support user management. Anything's possible, but it doesn't look like this is offered directly via Sonar.
You could probably use some web automation library (webbrowser, webunit, watir, twill) to do it through the running server; it might even be possible to just use something like 'curl' by looking carefully at the page source for the users/create form.
Or, if you want to go straight to the database, you could try to pull out the user creation functionality from the code and mess with the sonar.users table directly.
There is the LDAP Plugin, which would take care of authentication, but it still requires you to create the users in Sonar, so that wouldn't solve your problem.
Related
I am willing to create a private maven repository, where the access rules are not based on groups/patterns, but on completely custom rules. I've checked both nexus and jfrog, both of them keeping the simple user/group/pattern approach. And (AFAICS), although they provide custom ways to authenticate, they don't provide a was for custom access rules.
For this reason I have started thinking the opposite: what if I can create a simple repository with my custom rules. But when I searched in the Apache documentation, there was no clear explanation how authentication is performed on the back side.
Does anyone knows how this is done, and maybe point me to the correct documentation?
Authentication is done by HTTP Basic Authentication which basically concats the username and password and base64 encodes that. So Maven and Apache do understand each other.
But out of the box the Apache authorization is based on, you guessed, it. Directories (which represent Maven's artifact groups), username and groups. So unless you are willing to write a custom Apache model you won't gain a lot. Probably IP based access control can be done with Apache alone better than with Nexus/JFrog but I haven't looked at the authentication settings for ages.
In Artifactory what you can do, in order to achieve what you mentioned, is to create permission target per user. Meaning that all of your Maven users will deploy to the same repository BUT each to a different name space. For example, 'com/{company}/{project}/' (please replace the company and project with real values)
This is done on the permission target using the 'Include Pattern' so let's say that my company name is JFrog, and I'm working on a project named 'artifactory' I will have a permission target with the following include pattern '/com/jfrog/artifactory/**/*'.
You can also create those permission targets using a script that will automate it for you using this REST API.
That means that I will only be able to reach this namespace.
Does that help?
Is this a good practice to use CommandLineRunner to setup app on the first deploy. For example, I want to:
Create user's roles in the DB;
Load admin's login and pass from property file and create admin-user (on user per app) in the DB.
Or can you advise a better variant for me?
I would not recommend doing it that way. Database setup, as well as future migrations, are handled nicely with either Flyway or Liquibase.
I am using chef and one of my recipe needs to upload the sonar quality profile automatically and set it as default. Right now, I am doing it using browser automation using selenium but I dont like it and i dont believe that it is the right way to do. Has anyone done the upload using some API or a script? Any programming language or specific methods is fine although I am using Ruby (chef is a ruby DSL). Any pointers please?
SonarQube supports a REST API that you could invoke using ruby.
There is a documentation option for:
Restore a quality profile
Setting profile as default
I have never tried these, so I think you'll have to take a look at how Sonar performs profile backups. I would suggest considering an approach where the profile is saved in your cookbook as a template (allowing you to sub values in) and submitted to Sonar as a restoration.
I'm having trouble finding a web interface in Heroku to write SQL queries that can be created by app collaborators. I want to be able to query from a computer that doesn't have the heroku toolbelt installed as a collaborator.
Currently, I've been using the dataclips feature to do such a task, however it only allows the query to be modified by the app owner.
I'm not sure if I'm just misunderstanding how Heroku Dataclips works or just can't find a feature that allows collaborators to do such a task?
Collaborators in your application can also modify dataclips. However data clips are intended to be a 'data clip' and not a webUI onto your database. Giving anyone the ability to update your application/data requires them to be a collaborator. Heroku provides no other security role than that.
As also described here, I'm trying to determine the best way to initialize and update my application's database. I use EclipseLink-JPA2. I distribute a NetBeans platform application.
Considered options:
use create-tables ddl-generation:
The problem with this is that everytime the application runs it will throw exceptions, failing to create the tables. It will be useful only at setup time. This would be similar to placing checking code in the module restored() method.
include the database with the application distribution: the ddl-generation strategy becomes do nothing. I could still use the JPA (at development time) to generate the database files (embedded Java DB).
The best solution would be for the installer/setup (first-time) to call initializing code that creates the database. This precisely what I do with JWS in here. But I don't know how to do that without JWS. A script/jar executed by the installer?
Distribute your NetBeans Platform application via JWS.
It seems like you already have this problem sorted out with JWS, so just use that solution to deploy your NetBeans platform app.
EDIT
An alternative approach would be to use a Module Installer that checks for the existence of a config file. If the file exists then the application has been run before and the setup is not required. If the file doesn't exist then run your setup steps.
Have a look at this tutorial, they're using a module installer to create a login dialog.